@gotgenes/pi-permission-system 5.6.1 → 5.6.3

package/tests/{external-directory.test.ts → path-utils.test.ts}

@@ -1,23 +1,5 @@
 import { join } from "node:path";
-import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
-
-// Hoisted stubs for mocks that reference them in vi.mock factories.
-const { mockSpawnSync, mockExistsSync } = vi.hoisted(() => ({
-  mockSpawnSync: vi.fn(),
-  mockExistsSync: vi.fn(),
-}));
-
-// Mock node:child_process so tests don't spawn real subprocesses.
-vi.mock("node:child_process", () => ({
-  spawnSync: mockSpawnSync,
-  default: { spawnSync: mockSpawnSync },
-}));
-
-// Mock node:fs so existsSync is controllable.
-vi.mock("node:fs", () => ({
-  existsSync: mockExistsSync,
-  default: { existsSync: mockExistsSync },
-}));
+import { describe, expect, test, vi } from "vitest";
 
 // Mock node:os so tilde-expansion is deterministic across platforms.
 vi.mock("node:os", () => {
@@ -29,79 +11,16 @@ vi.mock("node:os", () => {
 });
 
 import {
-  discoverGlobalNodeModulesRoot,
-  formatExternalDirectoryAskPrompt,
-  formatExternalDirectoryDenyReason,
-  formatExternalDirectoryHardStopHint,
-  formatExternalDirectoryUserDeniedReason,
   getPathBearingToolPath,
   isPathOutsideWorkingDirectory,
   isPathWithinDirectory,
+  isPiInfrastructureRead,
   isSafeSystemPath,
   normalizePathForComparison,
   PATH_BEARING_TOOLS,
+  READ_ONLY_PATH_BEARING_TOOLS,
   SAFE_SYSTEM_PATHS,
-} from "../src/external-directory";
-
-afterEach(() => {
-  vi.restoreAllMocks();
-});
-
-describe("PATH_BEARING_TOOLS", () => {
-  test("contains the expected tool names", () => {
-    for (const tool of ["read", "write", "edit", "find", "grep", "ls"]) {
-      expect(PATH_BEARING_TOOLS.has(tool)).toBe(true);
-    }
-  });
-
-  test("does not contain bash or mcp", () => {
-    expect(PATH_BEARING_TOOLS.has("bash")).toBe(false);
-    expect(PATH_BEARING_TOOLS.has("mcp")).toBe(false);
-  });
-});
-
-describe("SAFE_SYSTEM_PATHS", () => {
-  test("contains /dev/null, /dev/stdin, /dev/stdout, /dev/stderr", () => {
-    expect(SAFE_SYSTEM_PATHS.has("/dev/null")).toBe(true);
-    expect(SAFE_SYSTEM_PATHS.has("/dev/stdin")).toBe(true);
-    expect(SAFE_SYSTEM_PATHS.has("/dev/stdout")).toBe(true);
-    expect(SAFE_SYSTEM_PATHS.has("/dev/stderr")).toBe(true);
-  });
-});
-
-describe("isSafeSystemPath", () => {
-  test("returns true for /dev/null", () => {
-    expect(isSafeSystemPath("/dev/null")).toBe(true);
-  });
-
-  test("returns true for /dev/stdin", () => {
-    expect(isSafeSystemPath("/dev/stdin")).toBe(true);
-  });
-
-  test("returns true for /dev/stdout", () => {
-    expect(isSafeSystemPath("/dev/stdout")).toBe(true);
-  });
-
-  test("returns true for /dev/stderr", () => {
-    expect(isSafeSystemPath("/dev/stderr")).toBe(true);
-  });
-
-  test("returns false for an arbitrary absolute path", () => {
-    expect(isSafeSystemPath("/etc/passwd")).toBe(false);
-  });
-
-  test("returns false for a path prefixed with a safe system path", () => {
-    expect(isSafeSystemPath("/dev/null/subdir")).toBe(false);
-  });
-
-  test("returns false for an empty string", () => {
-    expect(isSafeSystemPath("")).toBe(false);
-  });
-
-  test("returns false for a relative path", () => {
-    expect(isSafeSystemPath("dev/null")).toBe(false);
-  });
-});
+} from "../src/path-utils";
 
 describe("normalizePathForComparison", () => {
   const cwd = "/projects/my-app";
@@ -179,6 +98,75 @@ describe("isPathWithinDirectory", () => {
   });
 });
 
+describe("PATH_BEARING_TOOLS", () => {
+  test("contains the expected tool names", () => {
+    for (const tool of ["read", "write", "edit", "find", "grep", "ls"]) {
+      expect(PATH_BEARING_TOOLS.has(tool)).toBe(true);
+    }
+  });
+
+  test("does not contain bash or mcp", () => {
+    expect(PATH_BEARING_TOOLS.has("bash")).toBe(false);
+    expect(PATH_BEARING_TOOLS.has("mcp")).toBe(false);
+  });
+});
+
+describe("READ_ONLY_PATH_BEARING_TOOLS", () => {
+  test("contains read, find, grep, ls", () => {
+    for (const tool of ["read", "find", "grep", "ls"]) {
+      expect(READ_ONLY_PATH_BEARING_TOOLS.has(tool)).toBe(true);
+    }
+  });
+
+  test("does not contain write or edit", () => {
+    expect(READ_ONLY_PATH_BEARING_TOOLS.has("write")).toBe(false);
+    expect(READ_ONLY_PATH_BEARING_TOOLS.has("edit")).toBe(false);
+  });
+});
+
+describe("SAFE_SYSTEM_PATHS", () => {
+  test("contains /dev/null, /dev/stdin, /dev/stdout, /dev/stderr", () => {
+    expect(SAFE_SYSTEM_PATHS.has("/dev/null")).toBe(true);
+    expect(SAFE_SYSTEM_PATHS.has("/dev/stdin")).toBe(true);
+    expect(SAFE_SYSTEM_PATHS.has("/dev/stdout")).toBe(true);
+    expect(SAFE_SYSTEM_PATHS.has("/dev/stderr")).toBe(true);
+  });
+});
+
+describe("isSafeSystemPath", () => {
+  test("returns true for /dev/null", () => {
+    expect(isSafeSystemPath("/dev/null")).toBe(true);
+  });
+
+  test("returns true for /dev/stdin", () => {
+    expect(isSafeSystemPath("/dev/stdin")).toBe(true);
+  });
+
+  test("returns true for /dev/stdout", () => {
+    expect(isSafeSystemPath("/dev/stdout")).toBe(true);
+  });
+
+  test("returns true for /dev/stderr", () => {
+    expect(isSafeSystemPath("/dev/stderr")).toBe(true);
+  });
+
+  test("returns false for an arbitrary absolute path", () => {
+    expect(isSafeSystemPath("/etc/passwd")).toBe(false);
+  });
+
+  test("returns false for a path prefixed with a safe system path", () => {
+    expect(isSafeSystemPath("/dev/null/subdir")).toBe(false);
+  });
+
+  test("returns false for an empty string", () => {
+    expect(isSafeSystemPath("")).toBe(false);
+  });
+
+  test("returns false for a relative path", () => {
+    expect(isSafeSystemPath("dev/null")).toBe(false);
+  });
+});
+
 describe("getPathBearingToolPath", () => {
   test("returns path for a path-bearing tool", () => {
     expect(getPathBearingToolPath("read", { path: "/src/foo.ts" })).toBe(
@@ -249,177 +237,57 @@ describe("isPathOutsideWorkingDirectory", () => {
   });
 });
 
-describe("formatExternalDirectoryHardStopHint", () => {
-  test("returns the hard stop instruction string", () => {
-    const hint = formatExternalDirectoryHardStopHint();
-    expect(hint).toContain("Hard stop");
-    expect(hint).toContain("external directory");
-  });
-});
-
-describe("formatExternalDirectoryAskPrompt", () => {
-  test("uses 'Current agent' when no agent name provided", () => {
-    const result = formatExternalDirectoryAskPrompt(
-      "read",
-      "/etc/passwd",
-      "/projects/my-app",
-    );
-    expect(result).toContain("Current agent");
-    expect(result).toContain("read");
-    expect(result).toContain("/etc/passwd");
-    expect(result).toContain("/projects/my-app");
-  });
-
-  test("uses agent name when provided", () => {
-    const result = formatExternalDirectoryAskPrompt(
-      "write",
-      "/tmp/out.txt",
-      "/projects/my-app",
-      "my-agent",
-    );
-    expect(result).toContain("Agent 'my-agent'");
-    expect(result).toContain("write");
-    expect(result).toContain("/tmp/out.txt");
-  });
-});
-
-describe("formatExternalDirectoryDenyReason", () => {
-  test("includes tool name, path, cwd, agent name, and hard stop hint", () => {
-    const result = formatExternalDirectoryDenyReason(
-      "read",
-      "/etc/passwd",
-      "/projects/my-app",
-      "sec-agent",
-    );
-    expect(result).toContain("Agent 'sec-agent'");
-    expect(result).toContain("read");
-    expect(result).toContain("/etc/passwd");
-    expect(result).toContain("/projects/my-app");
-    expect(result).toContain("Hard stop");
-  });
-
-  test("uses 'Current agent' without agent name", () => {
-    const result = formatExternalDirectoryDenyReason(
-      "read",
-      "/etc",
-      "/projects",
-    );
-    expect(result).toContain("Current agent");
-  });
-});
-
-describe("formatExternalDirectoryUserDeniedReason", () => {
-  test("includes tool name and path", () => {
-    const result = formatExternalDirectoryUserDeniedReason(
-      "edit",
-      "/etc/hosts",
-    );
-    expect(result).toContain("edit");
-    expect(result).toContain("/etc/hosts");
-    expect(result).toContain("Hard stop");
-  });
-
-  test("appends denial reason when provided", () => {
-    const result = formatExternalDirectoryUserDeniedReason(
-      "edit",
-      "/etc/hosts",
-      "too risky",
-    );
-    expect(result).toContain("Reason: too risky");
-  });
-
-  test("omits reason suffix when not provided", () => {
-    const result = formatExternalDirectoryUserDeniedReason(
-      "edit",
-      "/etc/hosts",
-    );
-    expect(result).not.toContain("Reason:");
-  });
-});
-
-describe("discoverGlobalNodeModulesRoot", () => {
-  // The walk-up-from-self strategy uses import.meta.url which resolves to a
-  // path inside the source tree during tests — there is no node_modules
-  // ancestor. So the fallback path is exercised naturally here.
-  //
-  // For the "walk-up succeeds" case, we verify the subprocess is NOT called
-  // by confirming spawnSync call count stays at zero when the URL has a
-  // node_modules ancestor.
-
-  beforeEach(() => {
-    mockSpawnSync.mockReset();
-    mockExistsSync.mockReset();
-  });
-
-  test("returns node_modules root when URL is inside a node_modules tree", () => {
-    // Simulate a URL whose file path contains a node_modules ancestor.
-    const fakeUrl =
-      "file:///opt/homebrew/lib/node_modules/@gotgenes/pi-permission-system/dist/external-directory.js";
-    const result = discoverGlobalNodeModulesRoot(fakeUrl);
-    expect(result).toBe("/opt/homebrew/lib/node_modules");
-    // Subprocess should NOT have been invoked — walk-up succeeds.
-    expect(mockSpawnSync).not.toHaveBeenCalled();
-  });
-
-  test("calls npm root -g as fallback when walk-up finds no node_modules ancestor", () => {
-    const npmRootPath = "/opt/homebrew/lib/node_modules";
-    mockSpawnSync.mockReturnValue({
-      status: 0,
-      stdout: `${npmRootPath}\n`,
-    });
-    mockExistsSync.mockReturnValue(true);
-
-    // Use a file URL with no node_modules ancestor.
-    const fakeUrl = "file:///Users/dev/my-project/src/external-directory.ts";
-    const result = discoverGlobalNodeModulesRoot(fakeUrl);
-
-    expect(mockSpawnSync).toHaveBeenCalledWith(
-      "npm",
-      ["root", "-g"],
-      expect.objectContaining({ encoding: "utf-8" }),
+describe("isPiInfrastructureRead", () => {
+  const cwd = "/projects/my-app";
+  const infraDirs = ["/mock/home/.pi/agent"];
+
+  test("returns true for read-only tool reading from infra dir", () => {
+    expect(
+      isPiInfrastructureRead(
+        "read",
+        "/mock/home/.pi/agent/config.json",
+        infraDirs,
+        cwd,
+      ),
+    ).toBe(true);
+  });
+
+  test("returns false for write tool even in infra dir", () => {
+    expect(
+      isPiInfrastructureRead(
+        "write",
+        "/mock/home/.pi/agent/config.json",
+        infraDirs,
+        cwd,
+      ),
+    ).toBe(false);
+  });
+
+  test("returns true for read-only tool reading from project .pi/npm", () => {
+    expect(
+      isPiInfrastructureRead(
+        "read",
+        "/projects/my-app/.pi/npm/package.json",
+        [],
+        cwd,
+      ),
+    ).toBe(true);
+  });
+
+  test("returns true for read-only tool reading from project .pi/git", () => {
+    expect(
+      isPiInfrastructureRead(
+        "grep",
+        "/projects/my-app/.pi/git/some-file",
+        [],
+        cwd,
+      ),
+    ).toBe(true);
+  });
+
+  test("returns false for path outside all infra dirs and project dirs", () => {
+    expect(isPiInfrastructureRead("read", "/etc/passwd", infraDirs, cwd)).toBe(
+      false,
     );
-    expect(result).toBe(npmRootPath);
-  });
-
-  test("returns null when walk-up fails and npm root -g returns non-zero exit", () => {
-    mockSpawnSync.mockReturnValue({ status: 1, stdout: "" });
-
-    const fakeUrl = "file:///Users/dev/my-project/src/external-directory.ts";
-    const result = discoverGlobalNodeModulesRoot(fakeUrl);
-
-    expect(result).toBeNull();
-  });
-
-  test("returns null when walk-up fails and spawnSync throws", () => {
-    mockSpawnSync.mockImplementation(() => {
-      throw new Error("ENOENT");
-    });
-
-    const fakeUrl = "file:///Users/dev/my-project/src/external-directory.ts";
-    const result = discoverGlobalNodeModulesRoot(fakeUrl);
-
-    expect(result).toBeNull();
-  });
-
-  test("returns null when walk-up fails and npm root -g returns non-existent path", () => {
-    mockSpawnSync.mockReturnValue({
-      status: 0,
-      stdout: "/some/nonexistent/node_modules\n",
-    });
-    mockExistsSync.mockReturnValue(false);
-
-    const fakeUrl = "file:///Users/dev/my-project/src/external-directory.ts";
-    const result = discoverGlobalNodeModulesRoot(fakeUrl);
-
-    expect(result).toBeNull();
-  });
-
-  test("returns null when walk-up fails and npm root -g returns empty stdout", () => {
-    mockSpawnSync.mockReturnValue({ status: 0, stdout: "   " });
-
-    const fakeUrl = "file:///Users/dev/my-project/src/external-directory.ts";
-    const result = discoverGlobalNodeModulesRoot(fakeUrl);
-
-    expect(result).toBeNull();
   });
 });

package/tests/permission-merge.test.ts

@@ -0,0 +1,61 @@
+import { describe, expect, test } from "vitest";
+
+import { mergeFlatPermissions } from "../src/permission-merge";
+
+describe("mergeFlatPermissions", () => {
+  test("string replaces string", () => {
+    const result = mergeFlatPermissions({ tools: "ask" }, { tools: "allow" });
+    expect(result).toEqual({ tools: "allow" });
+  });
+
+  test("both objects → shallow-merge pattern maps", () => {
+    const result = mergeFlatPermissions(
+      { bash: { "rm *": "deny", "git *": "ask" } },
+      { bash: { "rm *": "allow", "npm *": "allow" } },
+    );
+    expect(result).toEqual({
+      bash: { "rm *": "allow", "git *": "ask", "npm *": "allow" },
+    });
+  });
+
+  test("object replaces string", () => {
+    const result = mergeFlatPermissions(
+      { tools: "ask" },
+      { tools: { Write: "deny" } },
+    );
+    expect(result).toEqual({ tools: { Write: "deny" } });
+  });
+
+  test("string replaces object", () => {
+    const result = mergeFlatPermissions(
+      { tools: { Write: "deny" } },
+      { tools: "allow" },
+    );
+    expect(result).toEqual({ tools: "allow" });
+  });
+
+  test("empty override returns base unchanged", () => {
+    const base = { tools: "ask" as const, bash: { "rm *": "deny" as const } };
+    const result = mergeFlatPermissions(base, {});
+    expect(result).toEqual(base);
+  });
+
+  test("empty base returns override", () => {
+    const override = { tools: "allow" as const };
+    const result = mergeFlatPermissions({}, override);
+    expect(result).toEqual(override);
+  });
+
+  test("preserves keys only in base", () => {
+    const result = mergeFlatPermissions(
+      { tools: "ask", bash: "deny" },
+      { tools: "allow" },
+    );
+    expect(result).toEqual({ tools: "allow", bash: "deny" });
+  });
+
+  test("adds keys only in override", () => {
+    const result = mergeFlatPermissions({ tools: "ask" }, { bash: "allow" });
+    expect(result).toEqual({ tools: "ask", bash: "allow" });
+  });
+});